General
- Target: build.exe
- Size: 1.6MB
- MD5: 1b7d8ca0cfb84c90c5bfc802774bc5fd
- SHA1: 8b48c14b0aac6198bf40552c7588ab58a3cca7b9
- SHA256: 9385bea0213097fe15cdb2e6df2707a02225a0772237776f0fb6d7e6223f11e1
- SHA512: d900469a778ce083a8fe32ea23694164aeb3767cb4c6382c09b29570b72e154c7c3fbcdd985794ffedb7c37e6ac6ec1f667f5828459913b81f3417877372fc76
- SSDEEP: 24576:Ai2Q9NXw2/wPOjdGxY2rJxkqjVnlqud+/2P+A+ZecdyFoBkkAqmZywH0n:/Tq24GjdGSiJxkqXfd+/9AqYanCLH
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1288340000009748522/2KVL1Z7SHMRHn3N9hQFhH4iujipFLytO3PQf3ZZBIRimbQj3BDSdauW0_2C3xBh5DzMk
Signatures
- Stealerium family
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource build.exe
Files
- build.exe.exe windows:4 windows x86 arch:x86
  f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ